An existing 3GPP network is directed to Human-to-Human (Human-to-Human, H2H) communication, where a user identifier and equipment are in one-to-one correspondence, and the network only manages the user identifier. For example, when a mobile phone is used, a SIM card and the mobile phone are in one to one correspondence, and the network only manages the SIM card. An existing security technology may include: when a user equipment (UE) gets access to a network, a network side obtains a key (K) according to a user identifier uniquely corresponding to the UE, generates an authentication vector (Authentication Vector, hereinafter referred to as AV), completes inter-authentication of the UE and the network side by using the AV and generates system keys, so as to ensure secure communication between the UE and the network side. The user identifier may be an international mobile subscriber identity (International Mobile Subscriber Identity, IMSI).
In machine-to-machine (Machine-to-Machine, M2M) communication, the user identifier and the equipment are not in simple one-to-one correspondence, but in a multi-to-multi relationship. For example, one user corresponds to multiple pieces of terminal equipment, multiple users share one piece of terminal equipment, or multiple users correspond to multiple pieces of terminal equipment.
During a process of implementing the present invention, the inventors find that, in the M2M communication, if the existing security technology is used, secure communication may not be performed between the UE and the network side. Therefore, it is required to provide a security technology in the M2M communication, so as to implement secure communication between M2ME and the network side.